lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120622064100.GA286@x4>
Date:	Fri, 22 Jun 2012 08:41:00 +0200
From:	Markus Trippelsdorf <markus@...ppelsdorf.de>
To:	Borislav Petkov <bp@...64.org>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	Henrique de Moraes Holschuh <hmh@....eng.br>,
	Peter Zijlstra <peterz@...radead.org>,
	"Yu, Fenghua" <fenghua.yu@...el.com>, X86-ML <x86@...nel.org>,
	Ingo Molnar <mingo@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	LKML <linux-kernel@...r.kernel.org>,
	Andreas Herrmann <andreas.herrmann3@....com>
Subject: Re: [PATCH 2/2] x86, microcode: Make reload interface per system

On 2012.06.22 at 05:36 +0200, Borislav Petkov wrote:
> On Thu, Jun 21, 2012 at 08:19:04PM -0700, H. Peter Anvin wrote:
> > On 06/21/2012 07:56 PM, Borislav Petkov wrote:
> > >>
> > >> That is orthogonal.  Anyway, my only concern about the request_firmware
> > >> interface is that the timing will be inherently wrong.
> > > 
> > > Timing? Please elaborate.
> > > 
> > 
> > The request_firmware will happen as soon as the driver is loaded; with
> > the early microcode blob scheme the driver will need to be built in and
> > so the request_firmware will happen, redundantly, immediately...
> 
> What if BIOS has patch version 1 (numbers are only for showing what I
> mean), then early scheme applies patch v2 but there is a newer patch
> version 3 in /lib/firmware?
> 
> If the ucode driver is built in, we don't get to update to v3
> automatically. User has to do it.
> 
> The current fix for this situation is have the microcode.ko as module
> (and only allow it as M) which then automatically does request_firmware
> at module init time and loads v3.
> 
> Which doesn't help people who don't build modules...

People who don't use modules have:
 echo -n 1 > /sys/devices/system/cpu/cpu0/microcode/reload
 ...
in their init script already.

That will have to change to a single:
 echo -n 1 >| /sys/devices/system/cpu/microcode/reload
in your new scheme.

Of course the best solution would be to get rid of that manual reload
altogether and to automatically load the firmware during boot (even
without modules)...

-- 
Markus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ